diff options
| author | Michael Niedermayer <michael@niedermayer.cc> | 2019-10-31 09:31:22 +0100 |
|---|---|---|
| committer | Michael Niedermayer <michael@niedermayer.cc> | 2019-11-01 14:43:16 +0100 |
| commit | f011572e66c8dd2f0ac3cb147a769e91f24e0202 (patch) | |
| tree | 34e413dd38890f6fc786e4e4d4da304b06f0892e | |
| parent | 99fc5059fbee8a0fd2957f958b34fdec1e9ca361 (diff) | |
| download | ffmpeg-streaming-f011572e66c8dd2f0ac3cb147a769e91f24e0202.zip ffmpeg-streaming-f011572e66c8dd2f0ac3cb147a769e91f24e0202.tar.gz | |
avcodec/utils: Check block_align
Fixes: out of array access
Fixes: 18432/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAV2_fuzzer-5675574936207360
Fixes: 18326/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAV2_fuzzer-5071752362721280
Fixes: 18384/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAV1_fuzzer-5769439500304384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
| -rw-r--r-- | libavcodec/utils.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/libavcodec/utils.c b/libavcodec/utils.c index 6cc770b..75e7035 100644 --- a/libavcodec/utils.c +++ b/libavcodec/utils.c @@ -694,6 +694,11 @@ int attribute_align_arg avcodec_open2(AVCodecContext *avctx, const AVCodec *code ret = AVERROR(EINVAL); goto free_and_end; } + if (avctx->block_align < 0) { + av_log(avctx, AV_LOG_ERROR, "Invalid block align: %d\n", avctx->block_align); + ret = AVERROR(EINVAL); + goto free_and_end; + } avctx->codec = codec; if ((avctx->codec_type == AVMEDIA_TYPE_UNKNOWN || avctx->codec_type == codec->type) && |
